CVE-2022-23303
Description
SAE implementations in hostapd and wpa_supplicant before 2.10 leak timing side-channel information via cache access patterns, enabling offline password attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Simultaneous Authentication of Equals (SAE) handshake in hostapd before 2.10 and wpa_supplicant before 2.10 is vulnerable to side-channel attacks due to cache access pattern leakage. The issue exists because of an incomplete fix for CVE-2019-9494 [1][2]. It affects all versions prior to 2.10, where the implementation of SAE (and EAP-pwd) uses variable-time operations (e.g., modular exponentiation and curve point validation) that depend on the password-derived secret, allowing an attacker to observe timing differences through cache side channels [3].
Exploitation
An attacker must be on the same physical machine or have access to a privileged execution context (e.g., via a malicious co-located process) to observe cache-latency variations. The attacker does not need network proximity to the victim; they only need to capture one successful SAE authentication exchange and then run a series of candidate passwords through the same vulnerable software path. By measuring the execution time of the password derivation (e.g., the PWE computation) for each candidate, the attacker can correlate timing differences to identify the correct password without brute-forcing the full space on the network [3].
Impact
Successful exploitation allows an attacker to recover the SAE password (and thus the WPA3-Personal passphrase or WPA2-PSK) used in the authenticated network. This leads to a complete compromise of network confidentiality, as the attacker can then decrypt all captured traffic and impersonate any client or access point. The attack is offline and does not require further network interaction once the trace is obtained.
Mitigation
The fix is included in hostapd and wpa_supplicant version 2.10, released on 2022-01-12 [2][3]. Patches applying constant-time operations for the PWE derivation were provided in the w1.fi security advisory [3]. Gentoo Linux provides updated packages >=net-wireless/wpa_supplicant-2.10 and >=net-wireless/hostapd-2.10 [2]. No workaround exists for versions prior to 2.10; upgrading is mandatory. This CVE is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (41)
- SAE/hostapd (description)
- Range: < 2.10
- osv-coords: 38 versions
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References (3)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/ (mitre, vendor-advisory)
- security.gentoo.org/glsa/202309-16 (mitre, vendor-advisory)
- w1.fi/security/2022-1/ (mitre)
News mentions
No linked articles in our index yet.